Why Smart Contracts Reported as Vulnerable were not Exploited?

Abstract: <p>As smart contracts process digital assets, their security is essential for blockchain applications. Many approaches have been proposed to detect smart contract vulnerabilities. Studies show that few of the reported vulnerabilities are exploited and hypothesize that many of the reported vulnerabilities are false positives. However, no follow-up study is performed to confirm the hypothesis and understand why the reported vulnerabilities are not exploited. In this study, we first collect 136,969 unique r… Show more

“…Most of them focus on identifying vulnerabilities without distinguishing whether the vulnerabilities are exploitable. 14 F I G U R E 1 (A-C) The process by which an attacker exploits the vulnerabilities RE, UcC, and TO. Static detectors, for example, Oyente, 8 SmartCheck, 17 Slither, 24 Clairvoyance, 18 SoliDetector, 25 mainly compare the target SC with the vulnerable code pattern at the source code level.…”

“…The categories of unexploitable vulnerabilities are explained below, which are based on the reasons for not being able to exploit SC vulnerabilities concluded from an empirical study. 14 • CO. Critical operations include transfer, state variable change, and return value that may affect contract execution. If the reported vulnerability does not involve critical operations, the vulnerability cannot cause any harm and is, therefore, unexploitable.…”

“…If the vulnerability in the vulnerable SC cannot be exploited by attackers or cause security compromises, it is unexploitable . The blockchain security mechanisms and application scenarios of the blockchain technology prevent some vulnerabilities from being exploitable 14 …”

“…The blockchain security mechanisms and application scenarios of the blockchain technology prevent some vulnerabilities from being exploitable. 14 SOTA static detectors, for example, Oyente, 8 Zeus, 15 Securify, 16 SmartCheck, 17 Clairvoyance, 18 analyze the SCs at the source code or bytecode level as an EOA user. They usually miss interactions between the target SC and CAs, resulting in missing external-risky vulnerabilities.…”

“…14 In summary, existing SC vulnerability detectors are insufficient to exploit the external-risky vulnerabilities using CAs and have weaknesses to differentiate exploitable from unexploitable. 14 Precise detection of external-risky vulnerabilities, especially exploitable ones, is critical for developers and security engineers to prioritize efforts to mitigate emerging and critical risks. Our study aims to address the weaknesses of the SOTA SC vulnerability detector by answering the research question: How to effectively and efficiently detect exploitable external-risky vulnerabilities?…”

SoliTester: Detecting exploitable external‐risky vulnerability in smart contracts using contract account triggering method

“…Most of them focus on identifying vulnerabilities without distinguishing whether the vulnerabilities are exploitable. 14 F I G U R E 1 (A-C) The process by which an attacker exploits the vulnerabilities RE, UcC, and TO. Static detectors, for example, Oyente, 8 SmartCheck, 17 Slither, 24 Clairvoyance, 18 SoliDetector, 25 mainly compare the target SC with the vulnerable code pattern at the source code level.…”

“…The categories of unexploitable vulnerabilities are explained below, which are based on the reasons for not being able to exploit SC vulnerabilities concluded from an empirical study. 14 • CO. Critical operations include transfer, state variable change, and return value that may affect contract execution. If the reported vulnerability does not involve critical operations, the vulnerability cannot cause any harm and is, therefore, unexploitable.…”

“…If the vulnerability in the vulnerable SC cannot be exploited by attackers or cause security compromises, it is unexploitable . The blockchain security mechanisms and application scenarios of the blockchain technology prevent some vulnerabilities from being exploitable 14 …”

“…The blockchain security mechanisms and application scenarios of the blockchain technology prevent some vulnerabilities from being exploitable. 14 SOTA static detectors, for example, Oyente, 8 Zeus, 15 Securify, 16 SmartCheck, 17 Clairvoyance, 18 analyze the SCs at the source code or bytecode level as an EOA user. They usually miss interactions between the target SC and CAs, resulting in missing external-risky vulnerabilities.…”

“…14 In summary, existing SC vulnerability detectors are insufficient to exploit the external-risky vulnerabilities using CAs and have weaknesses to differentiate exploitable from unexploitable. 14 Precise detection of external-risky vulnerabilities, especially exploitable ones, is critical for developers and security engineers to prioritize efforts to mitigate emerging and critical risks. Our study aims to address the weaknesses of the SOTA SC vulnerability detector by answering the research question: How to effectively and efficiently detect exploitable external-risky vulnerabilities?…”

SoliTester: Detecting exploitable external‐risky vulnerability in smart contracts using contract account triggering method

Smart Contracts in Finance and Banking Systems in the Era of Industry 5.0: A Systematic Review